package com.txby;

import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.web.util.HtmlUtils;
import org.springframework.web.util.JavaScriptUtils;

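/**
 * Console demo that prints what several string-escaping helpers from Commons Lang 2.x and
 * Spring produce for a few fixed sample inputs.
 *
 * <p>Security note: {@code StringEscapeUtils.escapeSql} only turns each single quote into two
 * single quotes. It does not touch backslashes or the LIKE wildcards {@code %} and {@code _},
 * knows nothing about the target database's quoting rules, and was removed in Commons Lang 3.
 * It is shown here for comparison only; values that reach a SQL statement should be passed as
 * bind parameters instead of being escaped and concatenated.
 */
public class SqlEscapeExample {
    /**
     * Prints the escaped form of each sample input to standard output.
     *
     * @param args command-line arguments (unused)
     */
    public static void main(String[] args) {
        // Stand-in for attacker-influenced input: a lone single quote. A tautology-style value
        // such as 1' or '1'='1 is treated the same way, with every ' doubled.
        String rawUserName = "'";
        System.out.println(StringEscapeUtils.escapeSql(rawUserName));

        // Login lookup written with bind placeholders rather than quoted, concatenated values.
        // The demo never executes it; in real code bind both values with
        // PreparedStatement#setString so the driver keeps data separate from the SQL text.
        // NOTE(review): matching on the password column in SQL suggests the column holds the
        // password itself - confirm, and prefer verifying a bcrypt/scrypt/argon2 hash in
        // application code.
        String sql = "SELECT COUNT(userId) FROM t_user WHERE userName = ? AND password = ?";

        // Same script-like sample through both JavaScript escapers so the outputs can be
        // compared. Which characters each one escapes depends on the library and its version;
        // neither replaces context-aware output encoding in the template layer.
        String scriptSample = "<script alert(\"dd\")";
        System.out.println(StringEscapeUtils.escapeJavaScript(scriptSample));
        System.out.println(JavaScriptUtils.javaScriptEscape(scriptSample));

        // HTML escaping followed by SQL quote doubling on one value. Kept to reproduce the
        // demo's output, but encoding should be chosen per sink at the point of use: stacking
        // encoders on a stored value leads to double-encoded data and gives no injection
        // guarantee for either context.
        String address = "北京市-&&北京市-的常福菜场";
        String htmlEscaped = HtmlUtils.htmlEscape(address);
        System.out.println(StringEscapeUtils.escapeSql(htmlEscaped));
    }
}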